How Your Brainwaves Can Be Used To Steal Passwords And Private Data

Short Bytes: With the increasing work in the field of brain-computer interfaces, we are witnessing a new kind of security risk of brainwave hacking. Nitesh Saxena from the University of Alabama at Birmingham has shown that malicious software can be used to guess passwords and other private data. By training its notorious algorithm using random text inputs, a game can make good guesses about the new characters being entered by a user simply by reading brainwaves.

The research in the field of the brain-computer interface is on the rise. Recently, we told you about Facebook’s ongoing work on helping you type with your brain, without moving any finger. Elon Musk’s Neuralink was also reported as a development in the same field of brain-computer interface. But, what about the security aspects of such devices?

Nitesh Saxena, an associate professor at the University of Alabama at Birmingham, has performed research and showed how brain-wave-sensing headsets can guess PINs and passwords being used by a person, writes MIT Tech Review.

In this brainwave hacking study, Emotiv’s Epoc+, a brain-wave-reading headset, was used. Such headsets with electrodes detect voltage change in the outer layer of the brain. These headsets are used in research, medicine, and also sold as game controllers.

The idea was tested that a person who pauses a gaming session to use banking services while still wearing headsets is at risk. This risk can arise due to malicious software snooping on the personal credentials by sniffing brain waves.

The game’s software can learn the link between brain waves and typing by asking the users to enter text or code as a part of the game. Saxena found that after a person had finished entering about 200 characters, an educated guess can be made about the new characters.

While this brainwave hacking method is far from perfect in guessing the passwords, it shortens the odds of guessing a 4-digit PIN from 1 in 10,000 to 1 in 20. Similarly, the chances of guessing a 6-letter password are increased to 1 in 500.

Saxena says that the privacy factor must be taken into account while dealing with such interfaces. “I would say it’s a risk for today’s devices, and with more advanced devices much more could be done in future,” he adds.

Did you find this story on brainwave hacking interesting? Don’t forget to share your views.